I am very excited to see you all in the next Omaha Azure User Group meetup. This time we will speak about the latest advancements and use cases you could apply in your Azure resource authoring toolkit.
As you may know, it is that time of a year when great content will be coming to the town! You could enjoy and learn throughout the month of December, as people behind the #festivetechcalendar will be bringing you lots of new content from different communities and people around the globe.
This year, I have submitted two sessions and have been nicely surprised yesterday. Both sessions have been accepted and I am looking forward to deliver following sessions for the community:
Session # 1: What you need to know about Azure AD security defaults?
In this session above, we will discuss about how to get started with Azure security on right foot and its challenges. We will focus on importance of a strong Identity and Access in any cloud solution that we are creating for our customers. One simple way to get started is review and adjustment of security default options in Azure AD. We will also look into the set of practices to get you started with Azure AD setup and learn about the benefits of Azure Security Benchmark.
Session # 2: All you need to know about Azure Bicep configurations
In the second session, we will talk about Azure Bicep – a new language that aims to ease Azure resource authoring and management. This new language comes with a powerful VS Code extension and config file options. In this session, we will unveil dozens of powerful features in our config file to suit your style of coding on VS Code and cheer up our productivity skills. We will apply our fresh skills by creating several Bicep demos in the process.
I sincerely hope that these sessions will spark your interest and I am looking forward to see you all during this event. But most importantly, I hope you could have lots of fun during this festive month.
Stay tuned for more Azure AD, Automation & Security related posts.
It is a pretty common situation when as a Developer you are not granted access to work with company Azure AD. And there are many reasons why corporate security / IT would be hesitant to provide that access.
However, this situation should not discourage you from experimenting and prototyping solutions that you have.
Let’s consider following two easy options to create a free Azure Active Directory with Premium (P1 or P2) trial licenses. This will enable you to install/create an app that requires Azure AD license, and start testing and validating your workloads right away:
Option # 1: Microsoft 365 Developer Program
Join a free Microsoft 365 Developer Program and get a free sandbox, tools, and other resources you need to build solutions for the Microsoft 365 platform. Resources like an Azure AD with Premium licenses, pre-configured users, groups, mailboxes and etc.
Option # 2: Create an Azure trial account
Create a new free Azure AD account with a tenant and activate your Premium licenses in your new tenant. This is a classic option for anyone who is trying to learn Azure for the first time.
The Azure trial account will give you one month to play with Azure and Azure AD services, where you will get certain credits to spend on Azure resources. You will get an option to convert this trial subscription into a paid one at the end of the trial period.
How to Join Microsoft 365 Developer Program
My recommendation would be to sign up for the free Microsoft 365 developer program that gets renewed automatically, if you are using that account. Check out the following instructions on how to set-up one:
2. Sign in with a exisiting or new Microsoft Account you already have
3. On the signup page, fill the form and accept the terms and conditions of the program, and click next
4. Continue with a subscription set-up. You should specify the region where you want to create your new tenant, create a username, domain and enter a password. This step will create a new tenant and an administrator account of the tenant.
5. Enter the security information which is required to protect the sensitive administrator account. Complete this step by setting up MFA authentication for your admin account.
6. Link your developer account with your GitHub account for an easy renewal. You should see the following GitHub account link blue banner, once the linking operation succeeds.
Congratulations! You have created a new Azure AD tenant with 25 E5 user licenses. This also includes Azure AD Premium licenses.
As an additional perk, you can also add sample data packs with users, Mail & Events and SharePoint, as sample data for your development environment.
Good Luck on your next M365 project!
Stay tuned for more Azure AD, Automation & Security related posts.
This month we have awesome updates from Azure bicep team that I am happy to share with all of you (Azure community, Deployment Automation, Resource management and Governance geeks 🙂
The following list are August month updates:
Bicep Linter, Snippets, Scaffolding
Right click build
Deployment Stack updates
Bicep roadmap plans (v0.5 and eventually v1.0)
OCI Artifact standardizations
Module registry functionality
Module Reference Syntax
Parameter Improvement options
Bicep Linter updates
The yellow squiggly lines indicate the Linter violations and complains where best practices are violated. Like, password param should not be checked into the code repository. Another one is using string concat function instead of string interpolation.
Right click build
The right click build on bicep file is a new convince feature that was also added on new build.
You can also use a shortcut keys Ctrl+Shift+B as an alternative way to build your JSON files from bicep files.
This feature also arrived on a v0.4.6 build that provides required-properties to be auto populated to speed up your Azure resource coding. It is derived from a resources swagger spec and auto-populated for you. Yay!
New Code Snippets
You will love to discover that bunch of new snippets has been added.
Just type res- and you will scroll over all those starter boilplet code. Just imagine how much time you will be saving. It is Huge!!!
Bicep Roadmap annoncements
Well, Bicep team annonced that next build will bring the v0.5 and they do target v1.0 by th end of the year. What does it mean is – there will be no API level breaking changes starting from the version v1.0.
What is Next?
Keep tuned for upcoming v0.5 version. The Module registry updates and syntax updates on OCI Artifacts are going to be next Huge things, as they will add into the maturity of this AWESOME tool in Azure!
I hope everyone getting a chance to enjoy the summer and spend some time with loved once.
That said – Azure Bicep team does not seem slowing down, and I love it! New features and capabilities have been added to Azure Bicep product v0.4 version, and we will review those innovations on this post.
What is Azure Bicep?
Azure Bicep is a domain-specific language (DSL) that significantly simplifies the Azure resource authoring. It makes representation of your Azure digital estate concise with clean syntax by adding reliable type safety and code-reuse.
A typical Azure Bicep language code for an Azure storage account declaration will look as simple as the following code below – which basically explains why Bicep is called a DSL.
Why would you need it?
There are number of benefits in using Infrastructure-as-Code approach. Azure Bicep might be the right tool for you to use for Azure deployments, especially if you are trying to modernize and simplify the Azure deployment process.
Let’s look into scenarious where Bicep is the right tool to use:
✔️ Want to use language native to Azure? ✔️ Looking for fully integrated templates withing Azure platform? ✔️ Looking for fully supported product with Microsoft? ✔️ Don’t want to keep or worry about your resource state information ✔️ Looking to modernize and easy transition from JSON
Well, if your response is YES for above statements/questions then Bicep will be right tool for your solution.
New additions to Azure Bicep in version 0.4
There are numbers of enhancement and features has been added from this release. Let’s look at main Highlights of these features below:
✅ Linter MVP – The Bicep linter will inspect your code and catch a customizable set of authoring best practices. ✅ Deprecated parameter modifiers removed – Strip out deprecated parameter modifier syntax ✅ New code snippets – Suggestion with new code snippets added ✅ Bug fixes – Number of bug fixes added, thanks to community support ✅ Bicep Playground fixes – Playground doesn’t load after breaking change. ✅ Documentation and examples update ✅ Support for List method call on Azure resource references ✅ Support for JSON literal string conversion ✅ Support for using local json templates as modules ✅ Support for object body completion snippets
What is next?
There are still number of milestones in-front of Bicep team, as the versioning # of Bicep project indicates. That said, starting from Bicep version 0.3 you can get an official Microsoft support.
Below is the sneak-pick preview on what is cooking for v0.5 – which is expected to be out sometimes around August month this year.
After updating to the latest Azure CLI (2.22.0) for Windows 10, I am now seeing the same error as others have reported:
Any command such as “az bicep version” is producing the following error:
The command failed with an unexpected error. Here is the traceback and detailed error: type object 'datetime.datetime' has no attribute 'fromisoformat' Traceback (most recent call last): File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 231, in invoke File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 657, in execute File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 720, in _run_jobs_serially File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 691, in _run_job File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 328, in call File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/init.py", line 807, in default_command_handler File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/resource/custom.py", line 3294, in build_bicep_file File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/resource/_bicep.py", line 63, in run_bicep_command File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/resource/_bicep.py", line 152, in _load_bicep_version_check_result_from_cache AttributeError: type object 'datetime.datetime' has no attribute 'fromisoformat'
Is there a temp workaround?
One of the workarounds is to uninstalled Azure CLI 2.22.0 , and then install the prior version 2.21.0. You could confirm 2.21.0 version is working for you by running the same command.
Hope this will be helpful for you, as i faced with this issue hours before my demo to #GlobalAzure 2021 😐
The biggest benefit in using Git and infrastructure-as-code (IaC) is that you can now use continuous integration and deployment. With tools like GitHub actions, you can automatically deploy and/or update infrastructure code and automatically apply it to your cloud environment. Resources that have been added to the infrastructure code are created automatically and made ready for use.
The resources that were changed are updated in your cloud environment and resources that are removed from the infrastructure code are automatically spun down and deleted. This allows you to write code, commit it to your Git repository, and take full advantage of all the benefits of the DevOps process.
GitOps uses a Git repository as the single source of truth for infrastructure definitions. Simply put, a Git repository is a “.git” folder in a project that tracks all changes made to files in a project. Infrastructure as code (IaC) is the practice of keeping all infrastructure configuration tracked and saved as code files. The actual desired state may or may not be stored as code, depending your approach and organizational policies.
GitOps uses merge requests as the change process for all infrastructure updates. The merge request (MR) is where teams can collaborate via reviews and comments. The MR could also have a formal approval for changes to take place. A merge commits to your “main” branch is a potential changelog for a later audit and/or troubleshooting when needed.
GitOps automates infrastructure updates using a Git workflow with continuous integration and continuous delivery (CI/CD). When new code is merged, the CI/CD pipeline enacts the change in the environment. Any configuration drift, such as manual changes or errors, is overwritten by GitOps automation so the environment converges on the desired state defined in the Git. GitHub actions uses CI/CD pipelines to manage and implement GitOps automation.
GitOps isn’t a black box anymore. It just takes IaC tools you already know and wraps them in a DevOps-style workflow. This approach provides a better revision tracking, fewer costly errors, and quick, automated infrastructure deployments that can be repeated for on any environment.
By adopting GitOps in your organization, you could improve the developer experience because often-dreaded releases become fully automated. This will allow developers to focus on their code. Teams eliminate or minimize manual steps and make deployments repeatable and reliable.
You could also improve security and standardization by utilizing GitOps. By practicing GitOps, developers have no need to manually access cloud resources and additional security checks can be put in place at the code level in CI/CD pipelines.
I hope you like the GitOps approach and please let me know, what are you working on. Or how you could relate your work to GitOps?
If you are looking to get some study tips on an Azure DevOps Engineer Expert certification then you landed in a right post 🙂
So why Azure DevOps as a platform for your organization’s digital transformation? Well it is build for any language, and any platform. Yes, that is 100% true statement! Run the OSS (#opensourcesoftware) tools and frameworks on it, anything you want, in addition to Microsoft stack.
This weekend, I got loaded with fresh coffee and sit to wright-down experiences and resources I have used, along the journey to become an Azure DevOps Expert. This journey brings along a new credential in Microsoft Certified: DevOps Engineer Expert. However, most importantly, it refreshes your understanding of latest developments in the DevOps ecosystem on Microsoft Azure platform.
Side note:I have been actively using Microsoft DevOps pipelines for the last 2.5 years. Having this experience provided a lot of help in understanding exam objectives and focusing on areas that I never touched.
Overall, Microsoft Expert exams are harder than Azure fundamentals and associate exams. They come with test scenarios, labs and tricky questions where you have to know the order of processes – in one way testing your real-world understanding of the processes and technologies and its interconnected components.
Earning the DevOps Engineer Expert certification demonstrates the ability to combine people, process, and technologies to continuously deliver valuable products and services that meet end user needs and business objectives. DevOps professionals streamline delivery by optimizing practices, improving communications and collaboration, and creating automation.
Now, as you may expect, there are tons of material out there on how to get prepared for required two exams that qualifies you to Expert certification. I took a bit stiff hill to climb 🙂 First, I went head-on with AZ-400 “Designing and Implementing Microsoft DevOps Solutions” exam and later focused on Azure Administrator Associate exam.
As an alternative, you could choose a developer path. It applies very well for the case, where you might already have an Azure Developer Associate certification and just need to pass AZ-400 to qualify for the DevOps Expert certification.
Study Materials and references
I primarily used Microsoft Learn – an online and free starting point to cover gaps in my knowledge and skills. by complementing it with Pluralsight videos. I have combined the following list of resources that you might find handy 🙂
In summary, the important once are listed on top. They are all very important, as you would like to keep your knowledge up to date with developments on DevOps world.
In a nutshell, I tried my best to walk you through the process, options and resources that will help you along the way. Hopefully, this brief guide will help you on your journey to prepare and become an Expert DevOps Engineer!
Meanwhile, feel free to answer the following questions:
Comment on your exam preparation approach?
What challenges are you facing or already overcame?
What helped and what did not – in setting up for a DevOps journey?